https://blog.thc.org/infecting-ssh-public-keys-with-backdoors

I am not a security expert and I wonder:

  1. Does the described method infect the remote or local machine (from which I connect)?
  2. Can this method be prevented? For example, by correctly configuring your /etc/ssh/ssh_config?

It seems that every VPS supplier can hack you? The description shows that AWS does “harmless”, but what if my hosting is a bad actor?

  • chonkyninja@lemmy.world
    6 days ago

    No separate keys, use certificates with proper SSH-CA and you’ll never share a key again. It’s not a new thing.
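
A sketch of the SSH-CA approach mentioned in the comment above, as an added example that is not part of the thread: the server trusts one CA public key instead of per-user key lines in authorized_keys, and users present short-lived certificates. The file names, key ID, principal `deploy` and validity window are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: short-lived SSH user certificates signed by a CA.
# All paths, the key ID and the principal name are constructed for illustration.

# Create the CA key pair. In production the private half stays offline or in an HSM.
make_ca() {  # $1 = working directory
    ssh-keygen -q -t ed25519 -N '' -C 'example-user-ca' -f "$1/user_ca"
}

# Create a user key and sign its public half with the CA.
# -I key ID recorded in sshd's log, -n allowed principal(s), -V validity window.
issue_cert() {  # $1 = working directory, $2 = principal, $3 = validity (e.g. +8h)
    ssh-keygen -q -t ed25519 -N '' -C "$2" -f "$1/id_$2"
    ssh-keygen -q -s "$1/user_ca" -I "$2-laptop" -n "$2" -V "$3" "$1/id_$2.pub"
}

# Print the principals listed in a certificate, one per line.
cert_principals() {  # $1 = path to a *-cert.pub file
    ssh-keygen -L -f "$1" |
        awk '/Principals:/{p=1; next} /Critical Options:/{p=0} p{print $1}'
}

# sshd_config lines for the server: trust the CA and stop reading
# per-user authorized_keys files altogether.
sshd_snippet() {
    cat <<'EOF'
TrustedUserCAKeys /etc/ssh/user_ca.pub
AuthorizedKeysFile none
PubkeyAuthentication yes
PasswordAuthentication no
EOF
}

# Run the whole flow in a throwaway directory and show the result.
demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" && issue_cert "$d" deploy +8h || { rm -rf "$d"; return 1; }
    echo "principals in certificate: $(cert_principals "$d/id_deploy-cert.pub")"
    echo "--- sshd_config ---"
    sshd_snippet
    rm -rf "$d"
}

demo
```

Only `user_ca.pub` is copied to servers; the certificate (`id_deploy-cert.pub`) sits next to the user's private key and expires on its own.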